K
Q

Invalid host header and default backend 404 with Kubernetes ingress controller

11/5/2019

Accessing my nodejs/react site using the URL displays "Invalid Host header". Accessing it through the public IP displays "default backend - 404".

I am using Kubernetes nginx controller with Azure cloud and load balancer.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myrule
  namespace: mynamespace
  annotations:
    kubernetes.io/ingress.class: nginx
    certmanager.k8s.io/cluster-issuer: letsencrypt-staging
    nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
  tls:
  - hosts:
    - mysite.uknorth.cloudapp.azure.com
    secretName: tls-secret
  rules:
  - host: mysite.uknorth.cloudapp.azure.com
    http:
      paths:
      - backend:
          serviceName: service-ui
          servicePort: 8080
        path: /
      - backend:
          serviceName: service-api
          servicePort: 8999
        path: /api

Any guidance appreciated.

-- Confounder
azure
kubernetes
kubernetes-ingress

Similar Questions

GKE Config Connector StorageBucket resource times out on kubectl apply
Kubernetes pods getting different CPU limits
how to - helm install using private registry
Is there a way to mount volumes to a kubernetes docker compose deployment?
How to modify Kubeflow source code before deploying it with Kubernetes?
How to access postgresql, deployed on Kubernetes cluster

2 Answers

11/8/2019

Thanks for your feedback. It turns out the problem was not with the ingress rule above. The service-ui was running the incorrect command parameters thus not acknowledging the request. I missed the fact that the service-api was responding correctly.

In short, check the endpoints and running services are configured correctly - more a lesson for me than anyone else. I received a response by curling the service locally but that didn't mean it could handle https requests over ingress as the service was configured incorrectly.

Also, another lesson for me, ask the developers if the correct image is being used for the build. And ask them again if they say yes.

-- Confounder
Source: StackOverflow
11/6/2019

So let's assume the SSL part is ok (link) since you can reach the nginx ingress controller.

Your rewrite annotation is not necessary for what you need. Take a look at these rules:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myrule
  namespace: mynamespace
  annotations:
    kubernetes.io/ingress.class: nginx
    certmanager.k8s.io/cluster-issuer: letsencrypt-staging
spec:
  tls:
  - hosts:
    - mysite.uknorth.cloudapp.azure.com
    secretName: tls-secret
  rules:
  - host: mysite.uknorth.cloudapp.azure.com
    http:
      paths:
      - backend:
          serviceName: service-ui
          servicePort: 8080
        path: /
      - backend:
          serviceName: service-api
          servicePort: 8999
        path: /api

Whatever you send to /api/.* will be redirected to service-api. And whatever you send to / will be send to service-ui.

-- Rodrigo Loza
Source: StackOverflow